Privacy Policy - Eurocommercial Properties N.V.
PRIVACY NOTICE
Last updated: 15-7-2025
Eurocommercial Properties N.V. ( “Eurocommercial,” “we,” or “us”) want you to be familiar with how we collect, use and disclose information that identifies you as an individual or relates to you as an identifiable individual (“Personal Information”). This Privacy Notice describes how we process Personal Information of our professional contacts (such as investors and recipients of press releases and retail news), suppliers and stakeholders.
If you are a tenant or visitor of one of our shopping centers, please refer to the privacy notices on the associated website of the relevant shopping center to learn more about how our shopping centers process your Personal Information. A list of all Eurocommercial shopping centers including links to their websites can be found here.
COLLECTION AND PROCESSING OF PERSONAL INFORMATION
How we collect Personal Information
We collect Personal Information for various purposes and in various contexts as part of our business operations (see descriptions in the table below).
We need to collect certain Personal Information in order to provide the requested services to you. If you do not provide the information requested, we may not be able to provide the services. We will note which Personal Information is required to provide the services at the time of its collection.
If you disclose any Personal Information relating to other people to us, e.g. Personal Information of colleagues or your employer, you represent that you have the authority to do so and to permit us to use the information in accordance with this Privacy Notice.
Processing of Personal Information
We use your Personal Information for legitimate business purposes as described in the overview below.
Marketing and Media Relations
Purpose |
Personal Information |
Legal Basis |
Retention Period |
Sources |
Sending you information about our business, retail news and press releases. If you sign up to receive communications from us (e.g., our newsletter), we will send you periodic communications such as our press releases, retail news or relevant business updates. This may include e-mail or SMS marketing messages. |
Personal Information used for this purpose includes:
|
We rely on your consent to send you our press releases and business updates. |
We retain your Personal Information until you unsubscribe from receiving marketing communications from us. |
We receive the Personal Information directly from you. |
Investor and other stakeholder management
Purpose |
Personal Information |
Legal Basis |
Retention Period |
Sources |
Reporting and contract performance If you are a known investor or other stakeholder in our business, we will use your Personal Information to manage our relationship with you or perform any other agreement with you and for financial reporting purposes. |
Personal Information used for this purpose includes business contact information and financial information in investment contracts such as:
|
We process this Personal Information to perform the investment contract or other stakeholder agreement we have with you. We have a legal obligation to process investment data such as financial reporting and auditing obligations. |
We retain the Personal Information as long as needed for the applicable purpose or in accordance with legal obligations to retain certain Personal Information. |
We receive the Personal Information directly from you and from publicly available databases. |
Supplier management
Purpose |
Personal Information |
Legal Basis |
Retention Period |
Sources |
Establishment and performance of contracts If you are one of our suppliers or a member of their staff, we will use Personal Information about you to manage and execute our supplier contracts or to conclude new contracts. |
Personal Information used for this purpose includes business contact information such as:
|
We process this Personal Information on the basis of our contract, or in preparation thereof. |
We retain your Personal Information for the duration of our relationship or as required by applicable law (e.g., we have a legal obligation to retain tax-related information for a period of 7 years). |
We receive the Personal Information directly from you or use publicly available business contact details. |
Anonymization
Purpose |
Personal Information |
Legal Basis |
Retention Period |
Sources |
Aggregating or anonymizing Personal Information. Where we don’t need your Personal Information in identifiable form to pursue our purposes (such as performing analytics to obtain aggregate insights), we will aggregate and/or anonymize your Personal Information so that you are no longer identifiable and it is thus no longer considered Personal Information. |
We may aggregate, anonymize or pseudonymize any of your Personal Information as is necessary or required for the relevant purpose of anonymization or pseudonymization. |
We rely on our legitimate interests to anonymize your information, such as the interest to generate other data for our use. |
Where anonymized information no longer qualifies as Personal Information, we will keep such data in accordance with our retention policies. |
We receive the Personal Information directly from you or through your interactions with our services or website. |
Security and legal reasons
Purpose |
Personal Information |
Legal Basis |
Retention Period |
Sources |
Legal and compliance We have certain general legal and compliance obligations to process your Personal Information. This includes complying with applicable laws; complying with legal processes; responding to requests from public and government authorities; meeting national security or law enforcement requirements. Protecting our operations; protecting our rights, privacy, or property; and allowing us to pursue available legal remedies, defend claims and limit the damages that we may sustain. |
We use the Personal Information as relevant for the specific legal action, regulatory investigation, and/or legal processes in question. |
We rely on our relevant legal obligations to process the relevant Personal Information. We rely on our legitimate interest, such as enforcing terms and conditions and bringing or defending legal claims. |
As long as is required by the relevant legal obligation or necessary for the establishment, defense or exercise of a legal claim. |
N/A |
Fraud prevention and security We may use your Personal Information if this comes up in the context of:
|
Depending on the specific purpose, this may include any Personal Information that we have collected about you. |
We rely on our legitimate interests, such as identifying and/or preventing fraudulent transactions. We have a legal obligation to conduct audits and to detect and prevent cyberattacks. |
We retain the Personal Information as long as needed for the applicable purpose or in accordance with a legal obligation to retain certain Personal Information. |
We receive the Personal Information directly from you or through your interactions with our website (e.g., through the use of cookies and/or similar technologies). |
Disclosure of Personal Information
We disclose Personal Information to the following recipients:
- Our affiliates (e.g., if you are a supplier and also deliver services to our affiliates);
- IT service providers and related infrastructure service providers, including website hosting and email delivery;
- Other service providers as relevant.
Other Disclosures
We will also disclose your Personal Information as necessary or appropriate, in particular when we have a legal obligation or legitimate interest to do so:
- to public and/or government and/or regulatory authorities, including courts, tribunals, regulators, tax authorities and other government authorities;
- to third persons (legal or natural), as relevant for the specific legal action and/or processes in question (such as lawyers, auditors, insurers, advisory firms, etc.);
- to third parties in the event of any reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings). You will be notified of any such business transaction and of possible changes to the processing of your Personal Information in accordance with applicable law and the ‘Updates To This Privacy Notice’ section.
COOKIES AND SIMILAR TECHNOLOGIES
We may collect personal information through the use of cookies and similar technologies. Please see our Cookie Policy for more information.
SECURITY
We seek to use reasonable organizational, technical, and administrative measures to protect Personal Information within our organization. Unfortunately, no data transmission or storage system can guarantee 100% security. If you have reason to believe that your Personal Information with us is no longer secure, please notify us immediately in accordance with the “Contacting Us” section below.
CHOICES AND individuals’ rights
Your choices regarding our use and disclosure of your Personal Information
We give you choices regarding our use and disclosure of your Personal Information for marketing purposes.
You will always be able to opt out from receiving marketing-related communications (including press releases and business updates) from us. If you no longer want to receive any marketing-related emails from us on a going-forward basis, you may opt out by clicking the “Unsubscribe” link at the bottom of the email that you receive from us. This will opt you out from all marketing communications from us.
We will try to comply with your request(s) as soon as reasonably practicable. Please note that if you opt out of receiving marketing-related messages from us, we may still send you important administrative messages, from which you cannot opt out.
How you can exercise your rights
If you would like to request to access, correct, update, suppress, restrict, or delete Personal Information, object to or opt out of the processing of Personal Information, withdraw your consent (which will not affect the lawfulness of processing prior to the withdrawal), or if you would like to request a copy of your Personal Information for purposes of transmitting it to another company (to the extent these rights are provided to you by applicable law), you may contact us in accordance with the “Contacting Us” section below. We will respond to your request consistent with applicable law.
In your request, please make clear what Personal Information you would like to have changed or whether you would like to have your Personal Information suppressed from our database. For your protection, we may only implement requests with respect to the Personal Information associated with the particular email address that you use to send us your request and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable.
Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any operations that began prior to requesting a change or deletion.
You may lodge a complaint with an EU/EEA data protection authority for your country or region where you have your habitual residence or place of work or where an alleged infringement of applicable data protection law occurs. A list of data protection authorities is available here.
RETENTION PERIOD
We will retain your Personal Information for the period necessary to fulfill the purposes outlined in this Privacy Notice unless a longer retention period is required or permitted by law, for example, for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements.
The criteria used to determine our retention periods include (i) the length of time we have an ongoing relationship with you (for example, for as long as you are a stakeholder, supplier or investor of us); (ii) whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); or (iii) whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).
Where a legal obligation arises or retention is advisable in light of our legal position, in some circumstances, we will retain certain Personal Information, even when we no longer have an ongoing business relationship with you; for example:
- To cooperate with law enforcement or public, regulatory and government authorities: If we receive a preservation order or search warrant, related to your account, we will preserve Personal Information subject to such order or warrant even after you delete your Services account.
- To pursue or defend a legal action: We may retain relevant Personal Information in the event of a legal claim or complaint, including regulatory investigations or legal proceedings about a claim related to your Personal Information, or if we reasonably believe there is a prospect of litigation (whether in respect of our relationship with you or otherwise) for up to 5 years after the dispute has been settled or decided by a court or tribunal from which there is no further right of appeal.
THIRD PARTY SERVICES
This Privacy Notice does not address, and we are not responsible for, the privacy, information, or other practices of any third parties, including any third party operating any website or service to which we link. The inclusion of a link does not imply endorsement of the linked site or service by us or by our affiliates.
USE OF SERVICES BY MINORS
Our business operations and services are not directed to individuals under the age of eighteen (18), and we do not knowingly collect Personal Information from individuals under 18.
JURISDICTION AND CROSS-BORDER TRANSFER
Your Personal Information may be stored and processed outside of the European Economic Area.
For such transfers, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
Adequacy Decisions: Some non-EEA countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards (the full list of these countries is available here).
Standard Contractual Clauses: For transfers of Personal Information from the EEA to third countries where Personal Information is transferred, which are not considered adequate by the European Commission, we have put in place standard contractual clauses adopted by the European Commission to protect your Personal Information. You may obtain a copy of these measures by contacting us in accordance with the “Contacting Us” section below or by following this link.
SENSITIVE INFORMATION
Unless we request it, we ask that you not send us, and you not disclose, any sensitive Personal Information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background, or trade union membership) on or through our website or otherwise to us.
UPDATES TO THIS PRIVACY NOTICE
The “Last Updated” legend at the top of this Privacy Notice indicates when this Privacy Notice was last revised. Any changes will become effective when we post the revised Privacy Notice on the website.
CONTACTING US
Eurocommercial Properties N.V., De Boelelaan 7, 1083 HJ Amsterdam, is the company responsible for collection, use, and disclosure of your Personal Information under this Privacy Notice.
If you have any questions about this Privacy Notice, please contact us at GDPR@ecpnv.com.
Because email communications are not always secure, please do not include credit card or other sensitive information in your emails to us.